<?
 include("sqlconnect.php");
 session_start();
 
if( isset($_POST['ld']))
$parameter = $_POST['ld'];
else echo " Ajax Error ";

//$parameter = 'viewallcomments';
		
if($parameter == 'listproducts') 
{ 

		$selected_category = $_POST['cat']; 
		$query= "SELECT * FROM product where product_category = '".$selected_category."'";
		$result= mysql_query($query) or die(mysql_error());

		$p_count = mysql_num_rows($result);
		$i=0;
		$p_name = array();
		$p_price = array();
		$p_id = array();
		$p_vendorname = array();

		while ($row = mysql_fetch_object($result))
		{
		$p_name[$i]	= $row->product_name;
		$p_price[$i] = $row->product_price;
		$p_vendorname[$i] = $row->vendor_name;
		$p_id[$i] = $row->product_id;
		$p_dealtime[$i] = $row->expire_time;

		echo
		'<div id="p'.$p_id[$i].'" class ="commentproduct" onmouseover="copythat(this.id)">

		<div id="pdetails" class ="productrow"> <a class="addbtn" id="addtowishlist" alt="'.$p_id[$i].'"> </a>
		<th scope="col1" id="pname'.$p_id[$i].'" width="400" ><span id="goto'.$p_id[$i].'" class="stdlink" onclick="productview(this.id)">'.$p_name[$i].'</span></th>
		<th scope="col2" id="pprice'.$p_id[$i].'" align="right">$'.$p_price[$i].'</th>
		<th scope="col3" id="vendorname'.$p_id[$i].'" align="right">'.$p_vendorname[$i].'</th>
		<br>
		</div>
		<div id="viewallcomments" class="commentrow">
		<span id= "viewall'.$p_id[$i].'" class="stdlink" onclick="viewallcomments(this.id)">view all comments</span>
		</div>
		<div id="newcomment" class="newcommentrow">
		<span id="spancommentp'.$p_id[$i].'" class="stdlink" onclick="commenton()">Comment</span>
		</div> 
		<div class="clearsumma"> </div>
		<div id="dealtime" class="dealtimerow">
		'.$p_dealtime[$i].' To Go
		</div>
		<div id="commentbox'.$p_id[$i].'">
		</div>
		</div>
		';
		$i++;

		}
		
	}	

if($parameter == 'commentin')
{	
	$comment = $_POST['cm'];
	$current_user = $_SESSION['usrid'];
	$p_id = $_POST['cid'];
	$datenow = date('Y-m-d');
	$timenow = date('H:i:s');
	$query= "INSERT INTO `user_comments` (`user_id`, `product_id`, `comment_time`, `comment_date`, `comment_text`) VALUES ('".$current_user."', '".$p_id."', '".$timenow."', '".$datenow."', '".$comment."')";
	$result= mysql_query($query) or die(mysql_error());
	
}	

if($parameter == 'viewallcomments')
{
	$p_id = $_POST['vpid'];
	$query= "SELECT * FROM user_comments where product_id = '".$p_id."'";
	$result= mysql_query($query) or die(mysql_error());
	
	$c_id = 1;
	while ($row = mysql_fetch_object($result))
	{
		 $c_user[$c_id] = $row->user_id;
		 $c_time[$c_id] = $row->comment_time;
		 $c_date[$c_id] = $row->comment_date;
		 $c_com[$c_id] = $row->comment_text;			
		 $query1= "SELECT * FROM users where user_id = '".$c_user[$c_id]."'";
		 $result1= mysql_query($query1) or die(mysql_error());
		 $row1 = mysql_fetch_object($result1);
		 $c_fname[$c_id] = $row1->user_fname;
		
	echo ' 
	<div id="c'.$c_id.'" class ="commentbox">
	<div id="commentor'.$c_id.'" class ="commentor" >
	<span id="u'.$c_user[$c_id].'" class="namedisplay">'.$c_fname[$c_id].':</span><br><br>
	</div>
	<div id="commentcontent'.$c_id.'" class="commentcontent">
	<span onclick="viewcommentor()">'.$c_com[$c_id].'</span>
	</div>
	<div id="commenttime'.$c_id.'" class="dealtimerow">
	on '.$c_date[$c_id].' at .'.$c_time[$c_id].';
	</div>
	<hr>
	</div>';
	$c_id++;
	}

}
	
?>



